From 08cc7f673c377bf88897743e340097e93f1e95f4 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 16 Jan 2013 09:30:05 -0500
Subject: [PATCH] - Changed regex for redirect path (Web sites, subdomains, vhost subdomains, alias domains) and web folder (vhost subdomains) so that ".." is not allowed (in order to prevent path traversals). - nginx: don't allow folders for proxy redirects (subdomains and alias domains); URL is required. - nginx: modified rewriting.

---
 server/plugins-available/apache2_plugin.inc.php |   35 +++++++++++++++++++++++++++++------
 1 files changed, 29 insertions(+), 6 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index c40afbf..41040c0 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -121,8 +121,14 @@
 			$this->ssl_certificate_changed = true;
 			
 			//* Rename files if they exist
-			if(file_exists($key_file)) $app->system->rename($key_file,$key_file.'.bak');
-			if(file_exists($key_file2)) $app->system->rename($key_file2,$key_file2.'.bak');
+			if(file_exists($key_file)){
+				$app->system->rename($key_file,$key_file.'.bak');
+				$app->system->chmod($key_file.'.bak',0400);
+			}
+			if(file_exists($key_file2)){
+				$app->system->rename($key_file2,$key_file2.'.bak');
+				$app->system->chmod($key_file2.'.bak',0400);
+			}
 			if(file_exists($csr_file)) $app->system->rename($csr_file,$csr_file.'.bak');
 			if(file_exists($crt_file)) $app->system->rename($crt_file,$crt_file.'.bak');
 			
@@ -165,11 +171,15 @@
 
 			$rand_file = escapeshellcmd($rand_file);
 			$key_file = escapeshellcmd($key_file);
+			if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') != false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate
 			$key_file2 = escapeshellcmd($key_file2);
+			if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') != false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate
 			$ssl_days = 3650;
 			$csr_file = escapeshellcmd($csr_file);
+			if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') != false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate
 			$config_file = escapeshellcmd($ssl_cnf_file);
 			$crt_file = escapeshellcmd($crt_file);
+			if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') != false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate
 
 			if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
 				
@@ -190,6 +200,7 @@
 			
 			}
 
+			$app->system->chmod($key_file,0400);
 			$app->system->chmod($key_file2,0400);
 			@$app->system->unlink($config_file);
 			@$app->system->unlink($rand_file);
@@ -216,8 +227,14 @@
 			$bundle_file = $ssl_dir.'/'.$domain.".bundle";
 			
 			//* Backup files
-			if(file_exists($key_file)) $app->system->copy($key_file,$key_file.'~');
-			if(file_exists($key_file2)) $app->system->copy($key_file2,$key_file2.'~');
+			if(file_exists($key_file)){
+				$app->system->copy($key_file,$key_file.'~');
+				$app->system->chmod($key_file.'~',0400);
+			}
+			if(file_exists($key_file2)){
+				$app->system->copy($key_file2,$key_file2.'~');
+				$app->system->chmod($key_file2.'~',0400);
+			}
 			if(file_exists($csr_file)) $app->system->copy($csr_file,$csr_file.'~');
 			if(file_exists($crt_file)) $app->system->copy($crt_file,$crt_file.'~');
 			if(file_exists($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'~');
@@ -1450,8 +1467,14 @@
 					$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
 					
 					//* Backup the files that might have caused the error
-					if(is_file($key_file)) $app->system->copy($key_file,$key_file.'.err');
-					if(is_file($key_file2)) $app->system->copy($key_file2,$key_file2.'.err');
+					if(is_file($key_file)){
+						$app->system->copy($key_file,$key_file.'.err');
+						$app->system->chmod($key_file.'.err',0400);
+					}
+					if(is_file($key_file2)){
+						$app->system->copy($key_file2,$key_file2.'.err');
+						$app->system->chmod($key_file2.'.err',0400);
+					}
 					if(is_file($csr_file)) $app->system->copy($csr_file,$csr_file.'.err');
 					if(is_file($crt_file)) $app->system->copy($crt_file,$crt_file.'.err');
 					if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');

--
Gitblit v1.9.1